Increasingly, enterprises and individuals are housing data that may be confidential in nature in remote environments across the Internet. This information can be transmitted over the Internet using secure and insecure communication mechanisms.
Often to assure confidentiality, the data storage service permits the information to be encrypted and/or retrieved via secure communications, such as Secure Sockets Layer (SSL), etc.
However, there have been instances where the data storage service is penetrated by an intruder and confidential data is compromised. Some of these instances have received world-wide attention in the news. The problem is not limited to private enterprises; the federal government has also encountered security issues with confidential data being compromised.
Additionally, even if outside intruders are not capable of penetrating a confidential data repository, there is still a substantial risk that individuals internal to an enterprise or the government may surreptitiously compromise confidential data. In fact, this situation poses an even greater risk because even if the data is encrypted within the repository the encryption/decryption keys are retrievable or discoverable by the internal administrators associated with the data repository. As a result, there are still substantial security risks with outsourcing confidential data, and so much so that many enterprises and individuals still refuse to outsource their sensitive data. But, internally managing sensitive data requires staff, systems, policies, and resources, which can add to the bottom line of enterprises; and many of these enterprises, are not adept at performing these technical tasks.
Consequently, there is a need for improved techniques to secure and manage content.